CVE-2023-28335, GHSA-wxmq-v9gx-75pg
packagist/moodle/moodle
Cross-Site Request Forgery (CSRF)
The link to reset all templates of a database activity does not include the necessary token to prevent a CSRF risk.
All versions starting from 4.1.0 before 4.1.2
Upgrade to version 4.1.2 or above.
2023-03-24
source |